Login into jira with JIRA REST API ( Cookie Based) PHP

For our interm assesment we and another classmate have to build a jira extension to a website which allows customers to view everything related to their issues and allows them to create new/view them inside of their project.

We wanted to use cookie based authentication (oposite to re-verifieing the user upon every request)

however the auth request always returns Login failed, and we can't seem to find the cause.

We both have almost no experience in jira or with the api itself so we hoped someone could help us out.

 

We are sending the request via ajax to a different php file to handle the request like below.

 

index.php

<body> 
<form id="login-form" action="jira-oauth.php" method="post">
<input type="text" id="username-input" name="username" placeholder="username" /><br />
<input type="password" id="password" name="password" placeholder="password" /><br />
</form>
<button id="login-button" >login oauth</button>
<button id="profile-button">retrieve profile</button>
script type="text/javascript">
$("#login-button").click(function(){
$.ajax({
type: "POST",
url: "jiracookie.php",
data: $("#login-form").serialize(),
success: function(data) {
var win = window.open();
win.document.write(data);
}
});
});
$("#profile-button").click(function(){
$.ajax({
type: "POST",
url: "jiraprofile.php",
data: $("#username-input").serialize(),
success: function(data) {
var win = window.open();
win.document.write(data);
}
});
});
</script>
</body>

jiracookie.php 

<?php 
$ch = curl_init('https://xxxxx.atlassian.net/rest/auth/1/session');
$jsonData = array( 'username' => $_POST['username'], 'password' => $_POST['password'] );
$jsonDataEncoded = json_encode($jsonData);
curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonDataEncoded);

curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));

$result = curl_exec($ch);
curl_close($ch);

$sess_arr = json_decode($result, true);

echo '<pre>';
var_dump($ch);
var_dump($sess_arr);
echo'</pre>';

if(isset($sess_arr['errorMessages'][0])) {
echo $sess_arr['errorMessages'][0];
} else {
setcookie($sess_arr['session']['name'], $sess_arr['session']['value'], time() + (86400 * 30), "/");
echo "Login Success!";
}?>

 

1 answer

This widget could not be displayed.

Hi Williams,

You forgot to mention if it is the call to create a session or the successive one that uses the cookie to authenticate that is failing.

The best way to troubleshoot this is to try to run the same calls using curl and see if you are able to correctly create a session and use the retrieved cookie to authenticate the successive calls:

1) Create the session and save the cookie in a file named cookie.txt

curl -D- -H "Content-Type: application/json" -c cookie.txt -d '{"username":"EMAIL ADDRESS HERE", "password":"PASSWORD HERE" }' -X POST https://HOSTNAME/rest/auth/1/session 

 2) Use the cookie to authenticate a REST request:

curl -D- -H "Content-Type: application/json" -b cookie.txt -X GET https://HOSTNAME/rest/api/2/issuetypes

 

Depending on the outcome of above test you will know whether or not the problem is with your code or with something else.

Finally, in case the problem is with your code you may want to re-ask this question in the developers' community:

https://community.developer.atlassian.com/

 

I hope this helps.

 


Best Regards,
Dario

Hello Dario,

 

We have tried your suggestion , but then we get a response back with the which is the same as when we try it in the code when we expect the JSESSIONID with the token.

We don't know the solution or the cause of this problem, could you help us?

the response is like this:

{"session" :{"name":"cloud.session.token=a bunch of random numbers"}}

 

@William Ross,

That answer should mean that a session has been created and gives you the session token... There is no error here, and the data inside cookie.txt should be the one you need to authenticate the successive calls. 

Have you tied the second curl command in my previous answer? 

Is it working? Is it failing? 

I am still not sure what the problem is here and since it is not stated explicitly I can just try to guess and that's usually not the best way to proceed.

 

Also, you can find many examples on how to use cookie authentication on jira.atlassian.com:

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in New to Jira

Are you planning to trial, or are currently trialling Jira Software? - We want to talk to you!

Hello! I'm Rayen, a product manager at Atlassian. My team and I are working hard to improve the trial experience for Jira Software Cloud. We are interested in   talking to 20 people planning t...

112 views 2 0
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you